Re: how to filter on applications?

All of lore.kernel.org
 help / color / mirror / Atom feed

From: "Gáspár Lajos" <swifty@freemail.hu>
To: vwf <vwf@vulkor.net>
Cc: Netfilter IPtableMailinglist <netfilter@lists.netfilter.org>
Subject: Re: how to filter on applications?
Date: Fri, 27 Oct 2006 10:53:33 +0200	[thread overview]
Message-ID: <4541C90D.3050000@freemail.hu> (raw)
In-Reply-To: <20061027083635.GA4518@trane.vulkor.net>

vwf írta:
> On Fri, Oct 27, 2006 at 10:27:00AM +0200, Gáspár Lajos wrote:
>   
>> vwf írta:
>>     
>>> On Thu, Oct 26, 2006 at 03:25:22PM -0400, Mike wrote:
>>>  
>>>       
>>>> vwf wrote:
>>>>    
>>>>         
>>>>> Hello,
>>>>>
>>>>> I want to filter outgoing traffic based on the originating application.
>>>>> How do I do this? Please tell me iptables can do this. If not, how can I
>>>>> lock down my system?
>>>>>      
>>>>>           
>>>  
>>>       
>>>> http://l7-filter.sourceforge.net/
>>>>    
>>>>         
>>> This filters on protocol, not on application.
>>>
>>>  
>>>       
>> Yes! Because APPLICATIONS use PROTOCOLS to communicate with....
>>
>> What do you do not understand?
>>     
>
> My question was how to filter on application. Filtering on protocol does
> not suffice.
>
>   
Okay... You want to filter on APPLICATION...
Let me assume that you have a firewall and some clients.
You want to block some traffic originated from your clients depending on
the application.

If an application talks to an other party then it uses a "language" that
both understands.
This is the PROTOCOL.

In netfilter/iptables you can analyse the packets. Where from do they
coming and where do they go...
If you want to know the content of this pipe then you have to use some
layer 7 filtering mechanism...

http://en.wikipedia.org/wiki/OSI_model

BUT if I did not understood you correctly then please send me an exact
question...

Thanx

Swifty

next prev parent reply	other threads:[~2006-10-27  8:53 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2006-10-26 18:53 how to filter on applications? vwf
2006-10-26 19:25 ` Mike
2006-10-27  8:22   ` vwf
2006-10-27  8:27     ` Gáspár Lajos
     [not found]       ` <20061027083635.GA4518@trane.vulkor.net>
2006-10-27  8:53         ` Gáspár Lajos [this message]
2006-10-27 10:37           ` Gabor Szokoli
2006-10-27 11:04             ` vwf
2006-10-27 12:54               ` Pablo Sanchez
2006-10-30  9:40                 ` Gáspár Lajos

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4541C90D.3050000@freemail.hu \
    --to=swifty@freemail.hu \
    --cc=netfilter@lists.netfilter.org \
    --cc=vwf@vulkor.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.